Did Microsoft hand the NSA access to encrypted messages?

Brendon Lynch, Microsoft’s Chief Privacy Officer, clarifies Microsoft’s position on NSA’s data gathering and shares his views on the five major trends with privacy implications

"Privacy has been a core pillar for Microsoft right from the beginning," he said. "For us it has always been about customer trust."

According to Lynch, Microsoft adopts the principles of privacy by design, but the challenge is that "the goalposts seem to shift in terms of what is acceptable and not" quite rapidly. However, he said that Microsoft considers 'robust privacy management' important to gain and maintain customer trust and to enable valuable data uses.

Five major trends with privacy implications

1. The ubiquity of computing: There will be trillions of connected devices in 10 years.

2. Natural interactions such as voice recognition, gestures, capturing of biometric data, etc., will gain ground. "What is going to happen to all that data?" he asked.

3. Big data in the cloud will result in data-driven innovation.

4. Tailored, social experiences will personalized experiences to people but it is littered with potential privacy landmines.

5. Data collection and use by governments

Because of these trends, he said that there is a need for a big focus on privacy. But the key question are: how can organizations be good stewards of this data, how can organisations keep their privacy promises and how can organizations help people make the privacy choices that are right for them?

"People are struggling with the privacy choices today because there is so much data to be shared or protected," Lynch said. He cited the example of lengthy legal documents that are served out to users when they sign for an online service. "You can't made decisions based on reading privacy policies," he said. According to a research, it would take you 76 days to read through the privacy policies of all the common online services that you use.

Microsoft's approach

Lynch said that Microsoft has a corporate team that leads privacy policies. There are well-trained privacy people in all teams be it engineering, or in marketing. Currently, the company has 139 people with CIPP certification at Microsoft, a certification issued by IAPP (International association of Privacy Professionals).

For privacy, Microsoft has global principle-based policy, and there are standards, procedures and guidance. The company has over 40 full-time privacy professionals.

"Today, there is a dilemma for both individuals and IT service providers between choosing privacy and making computing more user-friendly," he aid, hinting at the hesitation people feel in sharing their personal data with Internet companies. (the text of the story was slightly modified on 6 June Singapore time)